kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
a vulnerability that can cause a stack based buffer overflow
via a PDF file that exploits an integer overflow in
StreamPredictor::StreamPredictor(). Remotely supplied
pdf files can be used to disrupt the kpdf viewer on
the client machine and possibly execute arbitrary code.

Remote exploitation of a buffer overflow vulnerability in
the xpdf PDF viewer included in multiple Unix and Linux
distributions could allow for arbitrary code execution as
the user viewing a PDF file.

The vulnerability specifically exists due to insufficient
bounds checking while processing a PDF file that provides
malicious values in the /Encrypt /Length tag. The
offending code can be found in the
Decrypt::makeFileKey2 function in the source
file xpdf/Decrypt.cc.

Remote exploitation of a buffer overflow vulnerability in
the xpdf PDF viewer included in multiple Unix and Linux
distributions could allow for arbitrary code execution as
the user viewing a PDF file.

The vulnerability specifically exists due to insufficient
bounds checking while processing a PDF file that provides
malicious values in the /Encrypt /Length tag. The
offending code can be found in the
Decrypt::makeFileKey2 function in the source
file xpdf/Decrypt.cc.

Remote exploitation of a buffer overflow vulnerability in
the xpdf PDF viewer, as included in multiple Linux
distributions, could allow attackers to execute arbitrary
code as the user viewing a PDF file. The offending code
can be found in the Gfx::doImage() function in the source
file xpdf/Gfx.cc.

Remote exploitation of a buffer overflow vulnerability in
the xpdf PDF viewer, as included in multiple Linux
distributions, could allow attackers to execute arbitrary
code as the user viewing a PDF file. The offending code
can be found in the Gfx::doImage() function in the source
file xpdf/Gfx.cc.

kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
a vulnerability that can cause a stack based buffer overflow
via a PDF file that exploits an integer overflow in
StreamPredictor::StreamPredictor(). Remotely supplied
pdf files can be used to disrupt the kpdf viewer on
the client machine and possibly execute arbitrary code.